From c6045f3c70bf31cb54f66af60e10e5e788256b10 Mon Sep 17 00:00:00 2001
From: Matthew Wild <mwild1@gmail.com>
Date: Sat, 6 Nov 2010 18:28:15 +0000
Subject: certmanager, hostmanager, mod_tls: Move responsibility for creating
 per-host SSL contexts to mod_tls, meaning reloading certs is now as trivial
 as reloading mod_tls

---
 plugins/mod_tls.lua | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'plugins/mod_tls.lua')

diff --git a/plugins/mod_tls.lua b/plugins/mod_tls.lua
index a2667ff6..fa7b4688 100644
--- a/plugins/mod_tls.lua
+++ b/plugins/mod_tls.lua
@@ -6,6 +6,7 @@
 -- COPYING file in the source package for more information.
 --
 
+local create_context = require "core.certmanager".create_context;
 local st = require "util.stanza";
 
 local secure_auth_only = module:get_option("c2s_require_encryption") or module:get_option("require_encryption");
@@ -87,3 +88,14 @@ module:hook_stanza(xmlns_starttls, "proceed", function (session, stanza)
 	session.secure = false;
 	return true;
 end);
+
+function module.load()
+	local ssl_config = module:get_option("ssl");
+	host.ssl_ctx = create_context(host, "client", ssl_config); -- for outgoing connections
+	host.ssl_ctx_in = create_context(host, "server", ssl_config); -- for incoming connections
+end
+
+function module.unload()
+	host.ssl_ctx = nil;
+	host.ssl_ctx_in = nil;
+end
-- 
cgit v1.2.3